Cybersecurity Services

Run engagements with the Cobalt Cybersecurity Services team.

Cybersecurity Services provides security testing solutions beyond Pentesting as a Service. Our focus on process execution allows for faster engagements with a centralized view into the health of security programs and a clear path for elevated security posture.

Engagements

The Cobalt Cybersecurity Services team can run the following engagements:

  • Digital risk assessment*
  • IoT ecosystem pentest
  • Secure code review*
  • Vulnerability validation
  • Goal-based pentest
  • Threat modeling
  • Red teaming
  • Wireless network pentest
  • Physical social engineering
  • Electronic social engineering
  • Security hardening

*Indicates engagements available to create on Cobalt. Other engagement types will be handled by request on the Catalog page or contact us.

Process

Lifecycle of the Cobalt pentest program

Here are the stages of a Cybersecurity Services engagement:

StageDescription
1DiscoverYou define what you need to test. Create an engagement brief, or make a request on the Catalog page.
2PlanDuring this stage, we will determine the scope, including the engagement type and methodology. Create a Statement of Work (if applicable) and set timelines.
3TestThe Cobalt Cybersecurity Services team tests your asset using the determined methodology.
  • We share vulnerabilities that we discover in real time, in a dedicated Slack channel.
  • At this stage, you can start remediating findings.
4RemediateThe testing process is complete. Remediate discovered findings.
  • We provide remediation guidance during testing.
  • Free retesting is depending upon the type of engagement.
5ReportWe share a report once the engagement is complete. For engagements, the report sections may differ compared to standard pentests.
6AnalyzeOnce the engagement is complete, analyze the security posture of your asset.
  • Deep dive into the report to assess discovered vulnerabilities with your development and security teams.
  • Take the required remediation actions.

Asset Types

Cybersecurity Services supports additional asset types, beyond our standard pentest asset types. You may see these asset types in the Cobalt UI:

Asset TypeDescription
IoTAn IoT ecosystem. As defined by NIST, an IoT device has at least one transducer (sensor or actuator) for interacting directly with the physical world and at least one network interface, such as Ethernet, Wi-Fi, or Bluetooth, for interfacing with the digital world.
PhysicalOffices, buildings, data centers, campuses, or any other physical space that requires access control due to the presence of sensitive information, equipment, or processes.
Wireless NetworkWi-Fi networks consist of a wireless router or access point that broadcasts signals, allowing devices equipped with Wi-Fi capability (such as smartphones, laptops, tablets, and smart home devices) to connect wirelessly. Users can access the internet or communicate with other devices within the network range without needing physical cables.
OtherAsset used in other engagements, such as phishing, red teaming, security hardening, and more.

How to Request Cybersecurity Services

To request a Cybersecurity Service, navigate to the Catalog page in Cobalt. Select Request on the service you are interested in.

Our CSM team will reach out to start the process at a time that suits you. We will ask you to fill out a scoping form which will speed up the process.

Last modified November 14, 2024